Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CLRgicN2fZCJ3UvTLA4mi65dIQc.roa
File: CLRgicN2fZCJ3UvTLA4mi65dIQc.roa (raw, json)
Hash identifier: Td2qe9Uj2LOgQm7jsi5ybizSp6Moz09Q4QhMpliXOWw=
Subject key identifier: 08:B4:60:89:C3:76:7D:90:89:DD:4B:D3:2C:0E:26:8B:AE:5D:21:07
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A62
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CLRgicN2fZCJ3UvTLA4mi65dIQc.roa
Signing time: Sat 06 Apr 2024 10:22:27 +0000
ROA not before: Sat 06 Apr 2024 10:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14946 (0x3a62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 10:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=08B46089C3767D9089DD4BD32C0E268BAE5D2107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bb:c7:d6:e4:dd:e9:29:a0:e1:fe:e6:bc:46:
d6:1c:24:2d:a1:22:c1:1d:1a:8a:e3:77:3f:2b:4e:
8c:f8:a4:bb:b5:9b:58:ff:28:f7:f0:a5:7e:54:cf:
d1:d6:cf:2c:c2:62:d0:d7:9c:4a:6a:22:4f:d2:b9:
7f:35:97:98:c6:64:8d:fb:b4:ef:3b:aa:a2:9b:3e:
2f:99:04:12:af:b2:05:6d:d7:2b:38:7a:0a:57:a4:
34:c4:36:e1:a4:be:e7:4a:ef:b9:81:c6:df:a1:d6:
33:b3:27:b1:ba:60:aa:08:01:50:9e:bb:4f:45:8b:
79:39:0b:e8:a2:ad:da:f8:cb:95:d6:37:8d:09:43:
66:93:3f:d8:c1:c8:3d:8e:7d:33:7d:f8:17:f5:a8:
79:a9:7d:76:b0:14:28:06:a5:d9:1c:34:f2:09:7f:
22:17:6d:aa:6a:0e:ae:72:0d:1c:b8:9b:80:40:54:
f6:87:b5:fc:58:9c:54:bf:84:64:36:86:1f:ea:b7:
9f:10:08:4f:30:8e:66:cd:68:49:8c:11:04:2f:42:
5c:68:e9:cb:4e:bf:0a:51:bf:19:5d:12:ba:20:ea:
1a:44:86:1c:9c:3e:a0:7a:a2:37:d4:ca:d3:65:6d:
30:b3:45:9e:74:de:af:b8:2d:be:37:2c:d7:a3:54:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B4:60:89:C3:76:7D:90:89:DD:4B:D3:2C:0E:26:8B:AE:5D:21:07
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CLRgicN2fZCJ3UvTLA4mi65dIQc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:2f:ba:39:71:23:7e:5c:7c:53:07:da:47:27:91:c8:9a:3f:
4e:b2:65:e3:d1:76:7f:e3:d2:09:5c:ef:b2:01:69:b6:b5:9d:
ca:ab:3a:80:7d:5f:b6:1d:0f:75:06:e6:b7:2f:83:91:c8:07:
ca:5e:d0:54:41:04:38:03:45:13:d8:b0:a8:e7:9a:ed:83:b0:
c6:ae:f6:8e:88:69:dd:3a:09:36:a1:40:06:b4:26:0d:aa:91:
f4:44:b8:0f:ed:8c:7a:4e:9b:10:f9:82:1f:73:06:9b:5e:db:
ad:0c:72:f3:ef:cf:36:27:6e:ae:07:c7:1c:af:7f:4f:3c:11:
83:e0:d4:94:00:aa:50:2f:55:44:74:b5:03:33:e9:fc:b7:b0:
e8:6e:84:e5:6b:a5:90:0d:49:b7:3c:49:d0:d8:94:fe:27:89:
98:db:eb:8d:48:2b:36:d3:75:35:62:44:57:85:1b:ba:8b:04:
95:95:7c:1e:34:5c:d7:22:29:d8:af:15:19:6c:73:c1:d6:76:
30:31:5c:27:8a:f6:a4:c6:2b:01:df:3d:2c:29:1f:49:09:cc:
1a:a4:f7:e0:7d:d0:54:f1:09:31:8a:93:9c:7a:45:8a:47:bb:
ca:3c:d1:54:c3:64:ee:76:b8:7d:0b:fa:7a:4f:8d:76:5b:e4:
9e:1d:ec:49
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICOmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
MDIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4QjQ2MDg5QzM3NjdE
OTA4OURENEJEMzJDMEUyNjhCQUU1RDIxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpu8fW5N3pKaDh/ua8RtYcJC2hIsEdGorjdz8rToz4pLu1m1j/
KPfwpX5Uz9HWzyzCYtDXnEpqIk/SuX81l5jGZI37tO87qqKbPi+ZBBKvsgVt1ys4
egpXpDTENuGkvudK77mBxt+h1jOzJ7G6YKoIAVCeu09Fi3k5C+iirdr4y5XWN40J
Q2aTP9jByD2OfTN9+Bf1qHmpfXawFCgGpdkcNPIJfyIXbapqDq5yDRy4m4BAVPaH
tfxYnFS/hGQ2hh/qt58QCE8wjmbNaEmMEQQvQlxo6ctOvwpRvxldErog6hpEhhyc
PqB6ojfUytNlbTCzRZ503q+4Lb43LNejVPnbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCLRgicN2fZCJ3UvTLA4mi65dIQcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NMUmdpY04yZlpDSjNV
dlRMQTRtaTY1ZElRYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAby+6OXEjflx8UwfaRyeRyJo/TrJl49F2
f+PSCVzvsgFptrWdyqs6gH1fth0PdQbmty+DkcgHyl7QVEEEOANFE9iwqOea7YOw
xq72johp3ToJNqFABrQmDaqR9ES4D+2Mek6bEPmCH3MGm17brQxy8+/PNidurgfH
HK9/TzwRg+DUlACqUC9VRHS1AzPp/Lew6G6E5WulkA1JtzxJ0NiU/ieJmNvrjUgr
NtN1NWJEV4UbuosElZV8HjRc1yIp2K8VGWxzwdZ2MDFcJ4r2pMYrAd89LCkfSQnM
GqT34H3QVPEJMYqTnHpFike7yjzRVMNk7na4fQv6ek+Ndlvknh3sSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org